如果winsock2套接字是非阻塞的,与之关联的SSL对象是否也会表现出非阻塞的行为?
[英]If a winsock2 socket is non-blocking, would an SSL object associated with it also exhibit non-blocking behavior?
问题描述
I'm asking this question because I am unsure whether an SSL object treats a socket as a sink/source for messages like it does with a BIO object. 
我问这个问题是因为我不确定SSL对象是否像对待BIO对象一样将套接字视为消息的接收器/源。 My gut is telling me yes, but I'm not certain. 我的直觉告诉我是的,但我不确定。
Goal: I am integrating a SSL authentication into already existing TCP code. 目标:我正在将SSL身份验证集成到已经存在的TCP代码中。 Rather than calling the conventional send()/receive(), I would like to direct the messages through OpenSSL's SSL_read()/SSL_write() instead. 我不想调用常规的send()/ receive(),而是通过OpenSSL的SSL_read()/ SSL_write()定向消息。 My other requirement is that communication is non-blocking and data can be partially sent. 我的另一个要求是通信是非阻塞的,并且可以部分发送数据。
Here's how I've associated the SSL object with the socket (Server code). 这是我将SSL对象与套接字(服务器代码)相关联的方法。
SSL_Init(std::wstring &peer_hostname, SOCKET sock){
//...
//Initialize SSL structure
ssl = SSL_new(context);
if (ssl == NULL){
mr = APPZRETURN(E_FAIL, L"%ls (%d) : SSL_new failed. Unable to create SSL structure", __FUNCTIONW__, __LINE__);
}
//Agent uses winsock class, but OpenSSL uses unix socket. Surpressed warning added here for 4244. It works
if (SSL_set_fd(ssl, sock) == 0){ //set file descriptor for ssl
//Operation failed
return -1;
}
//...
int status = SSL_accept(ssl);
SSL_set_mode(ssl, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER|SSL_MODE_ENABLE_PARTIAL_WRITE);
//...
}
According to the documentation for SSL_read() [ https://www.openssl.org/docs/ssl/SSL_read.html] , the SSL is non-blocking if the underlying BIO is non-blocking. 根据SSL_read()的文档[ https://www.openssl.org/docs/ssl/SSL_read.html] ,如果基础BIO是非阻塞的,则SSL是非阻塞的。 If my assumption is correct, does that mean if the socket is non-blocking, the SSL is as well? 如果我的假设是正确的,那是否意味着如果套接字是非阻塞的,那么SSL也是如此?
Extension of my Question : Is a winsock tcp socket non-blocking by default (assuming I have created a TCP socket, but have not called ioctlsocket and set non-blocking mode) 我的问题的扩展 :默认情况下,winsock tcp套接字是非阻塞的(假设我已经创建了一个TCP套接字,但是没有调用ioctlsocket并设置了非阻塞模式)
Thank you for taking the time to read this. 感谢您抽出时间来阅读。 It's much appreciated. 非常感谢。
2 个解决方案
解决方案1
0 2015-04-22 18:21:24
If my assumption is correct, does that mean if the socket is non-blocking, the SSL is as well?
Yes. 是。
Is a winsock tcp socket non-blocking by default (assuming I have created a TCP socket, but have not called ioctlsocket and set non-blocking mode)
Unix sockets are by default blocking. Unix套接字默认情况下处于阻塞状态。 Haven't used Winsock. 还没用过Winsock。 But am sure Winsock should be by default blocking. 但是,请确保Winsock默认情况下应处于阻止状态。
解决方案2
0 2015-10-27 12:05:42
try following code: 尝试以下代码:
SSL_set_fd(ss, sock);
retry:
int ret = SSL_accept(ssl);
if (ret != 1) {
int err = SSL_get_error(ssl, ret);
if (err == SSL_ERROR_WANT_READ || SSL_ERROR_WANT_WRITE) {
// maybe need some sleep or select
goto retry;
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.